AMENDMENTS TO THE CLAIMS 

Please amend claims 10, 23, 31, 34, 37 and 41 as indicated in the complete 
listing of claims provided below. 

1 . (Original) A method of operating a proxy server, the method comprising: 
receiving an initial request from a user device during a current session between 

the user device and the proxy server; 

terminating the current session if the initial request is to a secure server; and 
establishing a tunnel, through the proxy server, between the user device and the 
secure server, via a trusted domain proxy/firewall, upon receipt of a further request from 
the user device to access the secure server if the initial request is to a secure server. 

2. (Original) The method of claim 1 , further comprising determining whether the 
initial request is to a destination address of a secure server. 

3. (Original) The method of claim 2 wherein determining whether the initial request 
is to a destination address of a secure server comprises finding a match of the 
destination address of the secure server in a pre-provisioned list of secure servers in 
the proxy server. 

4. (Original) The method of claim 2 wherein determining whether the initial request 
is to a destination address of a secure server comprises forwarding the request to a 
non-secure server associated with the destination address and receiving an error 
message in response thereto, which message is indicative that the destination address 
is that of a secure server. 
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5. (Original) The method of claim 1 further comprising waiting a predetermined 
period for the further request. 

6. (Original) The method of claim 1 wherein establishing the tunnel comprises 
storing state information in order to identify the further request as being associated with 
the initial request. 

7. (Original) The method of claim 1 wherein terminating the current session 
comprises sending an error message to the user device which causes the user device 
to send the further request to the proxy server. 

8. (Original) The method of claim 7 wherein the error message is a standard error 
message in a protocol supported by the user device. 

9. (Original) The method of claim 1 wherein establishing the tunnel comprises 
opening a socket with the trusted domain proxy/firewall and mapping the socket to an 
inbound socket opened with the user device upon receipt of the further request. 

10. (Currently Amended) The method of claim 1 further comprising establishing a 
time-to-live defeytt- delav f or the tunnel, beyond which time the tunnel is terminated. 

1 1 . (Original) The method of claim 1 which comprises terminating the tunnel upon 
the occurrence of a predetermined event. 
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12. (Original) The method of claim 11 wherein the predetermined event comprises 
receiving a request from the user device to access a server other than the secure 
server. 

13. (Original) The method of claim 1 1 wherein the predetermined event comprises 
the termination of the session between the user device and the trusted domain 
proxy/firewall at the instance of the trusted domain proxy/firewall. 

14. (Original) A machine readable program storage medium, having code stored 
therein, which when executed on a proxy server causes the proxy server to perform a 
method comprising 

receiving an initial request from a user device during a current session between a 
user device and the proxy server; 

terminating the current session if the initial request is to a secure server; and 
establishing a tunnel, through the proxy server, between the user device and the 
secure server, via a trusted domain proxy/firewall, upon receipt of a further request from 
the user device to access the secure server if the initial request is to a secure server. 

15. (Original) The machine readable program storage medium of claim 14, wherein 
the method comprises determining whether the initial request is to a destination 
address of a secure server. 

16. (Original) The machine readable program storage medium of claim 15, wherein 
determining whether the initial request is to a destination address of a secure server, 
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comprises finding a match of the destination address in a pre-provisioned list of secure 
servers in the proxy. 

17. (Original) The machine readable program storage medium of claim 16, wherein 
determining whether the initial request is to a destination address of a secure server 
comprises forwarding the request to a non-secure server associated with the 
destination address and receiving an error message in response thereto, which 
message is indicative that the destination address is that of a secure server. 

18. (Original) The machine readable program storage medium of claim 14, wherein 
the method further comprises waiting a predetermined period for the further request. 

19. (Original) The machine readable program storage medium of claim 14, wherein 
establishing the tunnel comprises storing state information in order to identify the further 
request as being associated with the initial request. 

20. (Original) The machine readable program storage medium of claim 14, wherein 
terminating the current session comprises sending an error message to the user device 
which causes the user device to send the further request to the proxy server. 

21 . (Original) The machine readable program storage medium of claim 20, wherein 
the error message is a standard error message in a protocol supported by the user 
device. 

22. (Original) The machine readable program storage medium of claim 14, wherein 
establishing the tunnel comprises opening a socket with the trusted domain 
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proxy/firewall and mapping the socket to an inbound socket opened with the user 
device upon receipt of the further request. 

23. (Currently Amended) The machine readable program storage medium of claim 
14, wherein the method further comprises establishing a time-to-live defemlt- delav f or 
the tunnel, beyond which time the tunnel is terminated. 

24. (Original) The machine readable program storage medium of claim 14, wherein 
the method comprises terminating the tunnel upon the occurrence of a predetermined 
event. 

25. (Original) The machine readable program storage medium of claim 24, wherein 
the predetermined event comprises receiving a request from the user device to access 
a server other than the secure server. 

26. (Original) The machine readable program storage medium of claim 24, wherein 
the predetermined event comprises the termination of the session between the user 
device and the trusted domain proxy/firewall at the instance of the trusted domain 
proxy/firewall. 

27. (Original) A proxy server comprising: 
a processor; and 

a memory device, having stored therein a code, which when executed by the 
processor, causes the proxy server to: 

receive an initial request from a user device during a current session 
between the user device and the proxy server; 
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terminate the current session if the initial request is to a secure server; 

and 

establish a tunnel, through the proxy server, between the user device and 
the secure server, via a trusted domain proxy/firewall, upon receipt of a further request 
from the user device to access the secure server if the initial request is to a secure 
server. 

28. (Original) The proxy server of claim 27, wherein the code comprises instructions 
to determine whether the initial request is to a destination address of a secure server. 

29. (Original) The proxy server of claim 28, wherein determining whether the initial 
request is to a destination address of a secure server comprises finding a match of the 
destination address of the secure server in a pre-provisioned list of secure servers in 
the proxy server. 

30. (Original) The proxy server of claim 29, wherein determining whether the initial 
request is to a destination address of a secure server comprises forwarding the request 
to a non-secure server associated with the destination address and receiving an error 
message in response thereto, which message is indicative that the destination address 
server is that of a secure server. 

31 . (Currently Amended) The method -proxy server o f claim 28, wherein the code 
further comprises instructions for waiting a predetermined period for the further request. 
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32. (Original) The proxy server of claim 28, wherein establishing the tunnel 
comprises storing state information in order to identify the further request as being 
associated with the initial request. 

33. (Original) The proxy server of claim 28, wherein terminating the current session 
comprises sending an error message to the user device which causes the user device 
to send the further request to the proxy server. 

34. (Currently Amended) The melhed- proxv server of claim 33, wherein the error 
message is a standard error message in a protocol supported by the user device. 

35. (Original) The proxy server of claim 28, wherein establishing the tunnel 
comprises opening a first socket with the trusted domain proxy/firewall and mapping the 
socket to an inbound socket opened with the user device upon receipt of the further 
request. 

36. (Original) The proxy server of claim 28, wherein the code further comprises 
instructions to establish a time-to-live default for the tunnel, beyond which time the 
tunnel is terminated. 

37. (Currently Amended) The proxy server of claim 4-27, wherein the code further 
comprises instructions to terminate the tunnel upon the occurrence of a predetermined 
event. 
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38. (Original) The proxy server of claim 37, wherein the predetermined event 
comprises receiving a request from the user device to access a server other than the 
secure server. 

39. (Original) The proxy server of claim 38, wherein the predetermined event 
comprises the termination of a session between the user device and the trusted domain 
proxy/firewall at the instance of the trusted domain proxy/firewall. 

40. (Original) A proxy server comprising: 

means for receiving an initial request from a user device during a current session 
between the user device and the proxy server; 

means for terminating the current session if the initial request is to a secure 
server; and 

means for establishing a tunnel, through the proxy server, between the user 
device and the secure server, via a trusted domain proxy/firewall, upon receipt of a 
further request from the user device to access the secure server. 

41 . (Currently Amended) A method of operating a proxy server, tbe-ajriethod 
comprising: 

receiving an initial request from a user device during a current session between 
the user device and the proxy server; 

determining whether the initial request is to a secure server; 

terminating the current session between the user device and the proxy server if 
the initial request is to a secure server, the current session being terminated with a 
standard error message in a protocol understood by the user device which message 
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causes the user device upon receipt of the error message to re-send the request to the 
proxy server; and 

upon receipt of the re-sent request within a predetermined time, opening a 
socket with the-atrusted domain proxy/firewall and mapping the socket with an inbound 
socket opened between the proxy server and the user device. 
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